Your MCP Server Can Read Your iMessages
This post is about the files on your Mac that MCP servers can access — the ones most developers don't know are exposed — and what you can do about it.
Engineering Insights
Deep dives into software architecture, cloud infrastructure, and scalable system design.
From Vibe-Coded App to SOC 2 Audit in 60 Seconds
Vibe coding is real now. Developers are shipping entire services by describing what they want to Claude Code or Cursor. I've done it. You've probably done it. The output is surprisingly good.
The SaaS Moat is Draining
We’ve all watched SaaS valuations take a beating over the past few months. Lately, it feels like every time Claude rolls out a new feature, SaaS stocks drop another few percentage points. But here’s how I interpret what’s actually going on.
MCP Is Everywhere. So Are Its Attack Surfaces.
Model Context Protocol has had a remarkable run. In under a year, it became the default way to wire AI agents to external tools — databases, APIs, file systems, cloud services, crypto wallets. Cursor, Windsurf, Claude Code, and most serious AI coding environments now ship with MCP support out of the box. The ecosystem is growing fast.
Which makes the next part worth paying attention to.
Securing AI Agents: From Code Scanning to Runtime Enforcement
AI agents aren't experimental anymore. They write code, run shell commands, call external APIs, and orchestrate complex workflows — usually with the same OS privileges as the developer who launched them. That convenience is real. So is the risk.
